---
apiVersion: v1
kind: ConfigMap
metadata:
  name: kratos-config
data:
  # yamllint disable rule:indentation
  kratos.yml: |
    # All URLS must be set in the environment variables instead of config.
    selfservice:
      methods:
        password:
          enabled: true
          config:
            haveibeenpwned_enabled: false
        link:
          enabled: true
      flows:
        verification:
          enabled: false

        recovery:
          enabled: true

        settings:
          privileged_session_max_age: 15m

        registration:
          after:
            password:
              hooks:
                -
                  hook: session
    log:
      level: trace
    hashers:
      argon2:
        parallelism: 1
        memory: 128MB
        iterations: 2
        salt_length: 16
        key_length: 16

    identity:
      default_schema_id: default
      schemas:
        - id: default
          url: file:///etc/config/kratos/identity.schema.json

    courier:
      smtp:
        connection_uri: smtps://test:test@mailslurper:1025/?skip_ssl_verify=true
  identity.schema.json: |
    {
      "$id": "https://schemas.ory.sh/presets/kratos/quickstart/email-password/identity.schema.json",
      "$schema": "http://json-schema.org/draft-07/schema#",
      "title": "User",
      "type": "object",
      "properties": {
        "traits":{
          "type": "object",
          "properties": {
            "email": {
              "type": "string",
              "format": "email",
              "title": "E-Mail",
              "minLength": 3,
              "ory.sh/kratos": {
                "credentials": {
                  "password": {
                    "identifier": true
                  }
                },
                "recovery": {
                  "via": "email"
                }
              }
            }
          },
          "required": [
            "email"
          ]
        }
      },
      "additionalProperties": false
    }
